What Good Looks Like For Board Risk Management Post APRA’s Report

Following the Australian Prudential Regulation Authority report into the CBA and with additional impetus provided by the revelations from the Hayne Royal Commission, the role and governance of boards and their risk and reporting structures are being re-examined.

In the not too distance past, most company boards relied on reporting principally from the CEO and a handful of C suite executives and a board that oversaw ongoing profitability and dividends for shareholders could rest easy on that achievement.

APRA’s report has changed the expectations for board risk management. Consistent with this the Chairman of the Australian Securities and Investments Commission, James Shipton, has been meeting with chairmen, directors and executives describing the report as the “new bible” for boards.

At a high level, the CBA prudential report “identified a number of shortcomings in CBA’s governance, culture and accountability frameworks, particularly in dealing with non-financial risks” and set out recommendations and a process for a rigorous overhaul of risk management and reporting.

From sifting through the issues identified and extensive recommendations made in APRA’s report, here a 10 key themes for what good looks like for board’s management and reporting of risk:

2. Greater visibility of board members in risk focussed committees and with executives. Expect more questions and intervention.

3. Empowerment and autonomy of the risk management functions of companies ie operating with more authority and a direct reporting line into the board.

4. All parts of the risk management of companies being more coordinated.

5. Boards taking more immediate and proactive actions in relation to risk ie not complacent or reactive.

6. Reporting being required to focus on and clearly identify any errors, wrong doing and mistakes by the organisation ie allowing boards to assess the detailed nature of risk issues and immediately take required actions.

9. Remuneration for executives being more aligned to risk management. We all know that change tends to be more rapid and effective when aligned to remuneration structures. Expect changes to remuneration structures to super charge a changed risk environment.

10. With respect to reporting generally, we can expect boards to be asking for more and more of it and probably increasingly using outside consultants.

In a new era of the expectations for board responsibilities, executive teams will have much more proximity to and oversight from boards. Inherently this risks blurring the separation between boards and the executive – a much broader discussion!

However, exactly what the “new normal” is for board oversight and risk management is difficult to know as the corporate sector attempts to find a practical balance between increased vigilance and providing sufficient scope for executives to do their jobs. The extent to which companies and other stakeholders benefit from this will only be proven in time.

In any case expect material change as boards and the corporate sector as a whole look to restore and build trust with the public.